CVE-2023-51518

EIP tracks 1 public exploit for CVE-2023-51518. PoCs published by mbadanoiu.

AI-analyzed exploit summary This repository provides a writeup and references for CVE-2023-51518, a preauthenticated Java deserialization vulnerability in Apache James. It includes details on exploitation vectors and references to external resources for further technical details.

Apache James prior to version 3.7.5 and 3.8.0 exposes a JMX endpoint on localhost subject to pre-authentication deserialisation of untrusted data. Given a deserialisation gadjet, this could be leveraged as part of an exploit chain that could result in privilege escalation. Note that by default JMX endpoint is only bound locally. We recommend users to:  - Upgrade to a non-vulnerable Apache James version  - Run Apache James isolated from other processes (docker - dedicated virtual machine)  - If possible turn off JMX